[SOLVED] Variables saved in a variable in mysql

[Loudnclear]

Hi all,

 

I can't use values saved with a text in mysql.

 

Let's say I created a template message and saved it in mysql: "Hello world! Said $user to $friend."

Let's call this $message.

 

I have a form that 'post' my variables $user="Alexandre"; and $friend="Arthur"; in my php script.

The script do a query for the template $message in mysql --> Good.

 

The script must compose a text using values of $user and $friend to get : "Hello world! Said Alexandre to Arthur."

--> No good, I only get :  "Hello world! Said $user to $friend."

 

Of course if $message is directly defined in the script, everything is fine.

 

Can someone give a hand on this please?

[Maq]

Can you post some code on how you're using this?  Sounds like you have interpolation issues.

[Loudnclear]

Of course. Tx for your assistance.

 

<?php
require_once("connection.php"); 



// MESSAGE TEMPLATE FROM DB
$query_msg = "SELECT message FROM emails ORDER BY id ASC";
$result_msg = mysql_query($query_msg,$connection);
$count_msg = mysql_num_rows($result_msg);
					if ($count_msg > 0) { 	 $message_user = mysql_result($result_msg,0,'message');
											 $message_ap = mysql_result($result_msg,1,'message');
											 $message_ops = mysql_result($result_msg,2,'message');
}

// FORM POSTED INFO
$date = date("Ymd");
$user_firstname= "yep";
$user_lastname= "Man";

$user_email= "test@";


$ap_firstname= "Joyce";
$ap_lastname= "of the light";
$ap_phone= "00000";
$ap_email= "yo@yo.com";

$ticket  = "2002020202";

echo "$message_user";
echo "<br /><br />";
echo "$message_ap";
echo "<br /><br />";
echo "$message_ops";
?>

 

What the db should reply for the first record:

Thank you for your submission $user_firstname,

Your request has been received. Your reference number is $ticket.
A member of the Team will contact you within 5 working days.

When we'll need to contact you, we'll preferably use your email address $user_email.


Regards,
The team
$regional_ops

[Maq]

How are you inserting this into your DB?  I think the cause of the problem is prior to this.

[Loudnclear]

Maybe. The table 'emails' has only 2 field. id, message.

I get the messages I need by there ID.

 

the script to edit the message is:

 

<?php
// FORM POSTED INFO
//Cleaned by escaping harmful chars by function mysql_cleaner
$message= mysql_cleaner($_POST['email']);
$idm= mysql_cleaner($_POST['email_list']);
// END OF FORM posted info

								$query = "UPDATE emails SET message='$message' WHERE id='$idm'" ; 

								if (mysql_query($query, $connection))
											{
											echo "<p>Message processed successfully by the database.</p>";																	
											}
								else
											{
												// If it did'nt go well, display the error message
												echo "<p>The database did not process your request. Please, contact the webmaster referencing the error below. </p>";
												echo "<p>" . mysql_error() . "</p>";
											}

								mysql_close($connection);
			  			
?>

[Maq]

Echo out your variables and queries to see where these variables are being treated as literals.  What does the mysql_cleaner() do?

[Loudnclear]

I echoed out all the variables, they are only treated as literals when they come from the mysql response.

 

Here is the content of the function mysql_cleaner:

 

function mysql_cleaner( $value ) {
	$magic_quotes_active = get_magic_quotes_gpc();
	$new_enough_php = function_exists( "mysql_real_escape_string" ); // i.e. PHP >= v4.3.0
	if( $new_enough_php ) { // PHP v4.3.0 or higher
		// undo any magic quote effects so mysql_real_escape_string can do the work
		if( $magic_quotes_active ) { $value = stripslashes( $value ); }
		$value = mysql_real_escape_string( $value );
	} else { // before PHP v4.3.0
		// if magic quotes aren't already on then add slashes manually
		if( !$magic_quotes_active ) { $value = addslashes( $value ); }
		// if magic quotes are active, then the slashes already exist
	}
	return $value;
}

[corbin]

Variable insertion occurs during the definition of a string in PHP.  When things come from MySQL, they are always strings, hence variables will not be inserted in.

[Loudnclear]

Ok, so there is no way to use a template emails which will be pulled out of mysql.

What would be a way to do that?

I'd like my colleagues to be able to edit there own message that will be used by my php application.

[Loudnclear]

This should work then, except that it's not :

<?php
require_once("connection.php"); 
require_once("functions.php");


// MESSAGE SENT TO USER VIA MAIL AND SCREEN
$query_msg = "SELECT message FROM emails ORDER BY id ASC";
$result_msg = mysql_query($query_msg,$connection);
$count_msg = mysql_num_rows($result_msg);
					if ($count_msg > 0) { 	 $message_user0 = mysql_result($result_msg,0,'message');
											 $message_ap0 = mysql_result($result_msg,1,'message');
											 $message_ops0 = mysql_result($result_msg,2,'message');}

// FORM POSTED INFO
//Cleaned by escaping harmful chars by function mysql_cleaner

$date = date("Ymd");
$user_firstname= "yep";
$user_lastname= "Man";

$user_email= "test@";


$ap_firstname= "Joyce";
$ap_lastname= "de la lumiere";
$ap_phone= "00000";
$ap_email= "yo@yo.com";

$ticket  = "2002020202";

$search = array("$date", "$user_firstname", "$user_lastname", "$user_email", "$ticket", "$ap_firstname", "$ap_lastname" );
$replace   = array("$date", "$user_firstname", "$user_lastname", "$user_email", "$ticket", "$ap_firstname", "$ap_lastname" );
$message_user = str_replace($search, $replace, $message_user0);
$message_ap = str_replace($search, $replace, $message_ap0);
$message_ops = str_replace($search, $replace, $message_ops0);

echo "$message_user";
echo "<br /><br />";
echo "$message_ap";
echo "<br /><br />";
echo "$message_ops";
?>

[Loudnclear]

Solution, use this after getting the data from the db.:

 

eval("\$message_user = \"$message_user\";");
eval("\$message_ap = \"$message_ap\";");
eval("\$message_ops = \"$message_ops\";");